CVE-2018-7941
CVE-2018-7941
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
10 May 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause privilege elevation.
Affected products
Huawei Technologies Co., Ltd. · iBMCWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →